Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Traffic Shaping (CODEL/FQ_CODEL) kills all traffic, no internet access

    Scheduled Pinned Locked Moved Traffic Shaping
    3 Posts 2 Posters 780 Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JeFizz
      last edited by

      As the title states, when I create the Limiter and Queues for WAN Download and WAN Upload, then create and apply the 2 floating rules (IPv4 and IPv6) on WAN interface, I lose all internet access. If I disable the FW rules, everything comes back.

      I'm a dangerous IT Sys Admin that has very little network training, so I may be my own worst enemy here. Please don't assume that my setup is correct, so please ask questions and I will do my best to oblige.

      Not that I am running it, but I understand that Suricata running in inline mode doesn't work with traffic shaping, is that potentially the case I have here with pfBLockerNG-devel?

      pfsense:
      2.5.0-DEVELOPMENT (amd64)
      built on Thu Sep 10 01:03:22 EDT 2020
      FreeBSD 12.2-PRERELEASE

      Hardware:
      Hyper-V VM, dual NIC
      4GB RAM
      3 CPU Cores
      Disk: plenty.

      Packages:
      HAProxy: 0.60_4
      pfBlockerNG-devel: 2.2.5_34
      Telegraf: 0.9_4

      Gigabit internet by xfinity (1Gb/41Mb)
      4 VLANS (LAN, Gaming, IOT, DMZ. More info on request.

      Limiters/Queues:
      Name: WAN-Download
      Bandwidth: 1024 Mbit/s
      Mask: None
      Queue Management Algorithm: CoDel
      Scheduler: FQ_CODEL
      Queue length: 10000
      ECN: checked

      • Name: WAN-Download-Q
      • Mask: None
      • Queue Management Algorithm: CoDel
      • ECN: checked

      -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=

      Name: WAN-Upload
      Bandwidth: 41 Mbit/s
      Mask: None
      Queue Management Algorithm: CoDel
      Scheduler: FQ_CODEL
      Queue length: 4000
      ECN: checked

      • Name: WAN-Upload-Q
      • Mask: None
      • Queue Management Algorithm: CoDel
      • ECN: checked

      Firewall Rules:
      Floating
      I've tried adding to the top or bottom to no avail.
      a46ccca0-550e-449b-a85d-5f1c1b25a4c2-image.png
      For both ipv4/6...
      Action: Pass
      Quick: checked
      Interface: WAN
      Direction: Out
      Address Family: IPv4 or IPv6 depending on rule
      Protocol: Any
      Source: Any
      Dest.: Any
      Gateway: WAN_DHCP or WAN_DHCP6 depending on rule
      In / Out pipe: WAN-Upload-Q / WAN-Download-Q

      1 Reply Last reply Reply Quote 0
      • kiokomanK
        kiokoman LAYER 8
        last edited by

        yes it's not working on 2.5.0
        https://redmine.pfsense.org/issues/9643

        ̿' ̿'\̵͇̿̿\з=(◕_◕)=ε/̵͇̿̿/'̿'̿ ̿
        Please do not use chat/PM to ask for help
        we must focus on silencing this @guest character. we must make up lies and alter the copyrights !
        Don't forget to Upvote with the 👍 button for any post you find to be helpful.

        J 1 Reply Last reply Reply Quote 1
        • J
          JeFizz @kiokoman
          last edited by

          @kiokoman said in Traffic Shaping (CODEL/FQ_CODEL) kills all traffic, no internet access:

          yes it's not working on 2.5.0
          https://redmine.pfsense.org/issues/9643

          Thanks for info, I keep forgetting about the bug tracker. Watching that one now.

          1 Reply Last reply Reply Quote 0
          • First post
            Last post
          Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.